Modern computer systems place a high importance on maintaining data and application security. In a modern distributed and/or virtual computer system where a plurality of users, services, applications, virtual machines, controlling domains and hosts may have access to a computer system, maintaining data and application security may be a difficult problem. In a distributed and/or virtual computer system environment, for example, where the computer system resources may be provided by a computing resource service provider, customers may also wish for additional security for confidential data and/or privileged applications, safeguarding such data and/or applications from others and even from the computing resource service provider.
Encrypting data and/or applications may help ameliorate the security risks, but the owners of the data and/or applications often desire additional assurances. For example, customers may desire assurances that users, services, applications, virtual machines, controlling domains and hosts may not access confidential data that the customer has saved in a data storage repository on a computer system accessible by one or more users, services, applications, virtual machines, controlling domains or hosts. Without such assurances, customers may be reluctant to use the computer system services provided by the computing resource service provider and, likewise, such computing resource service providers may be apprehensive about hosting such sensitive data on hosts accessible to other customers. Furthermore, application of additional security measures for protecting sensitive data, such as additional and/or more computationally intensive encryption techniques, may be costly to both the customer and the computing resource service provider and may lead to decreased system performance, decreased resource availability, and a degradation in customer satisfaction.